Last week, following on President Obama’s memorandum on managing government records, the Office of Management and Budget (OMB) and the National Archives and Records Administration (NARA) issued a records management (RM) directive. The directive affects all US government executive departments and agencies and applies to all federal records.

This significant effort to reform RM policies and practices includes a focus on digital government with a requirement to eliminate paper and use electronic recordkeeping where feasible, manage both permanent and temporary email records electronically, and take steps to demonstrate compliance with federal RM statutes and regulations such as designating a senior official to oversee RM programs and proving appropriate training.

The directive also identifies specific actions that will be taken by NARA and other agencies to support federal government records management programs. Critically, these include revised guidance for transferring permanent electronic records; email guidance; research into automated management of email, social media, and other types of digital record content; and embedding RM needs into cloud architectures. Further, it calls for investigating secure cloud-based service options to store and manage unclassified electronic records, and a series of steps to promote partnerships and better serve agencies.

I’ve been speaking to more and more clients lately who are not just saving money with cloud computing — they’re using the principles of the cloud to completely transform how they source, build, and deliver all IT services. Savvy I&O leaders should look beyond the per-hour savings promised by the cloud to the core tenets of cloud computing itself. How do the public clouds do it? Why can’t you?

Well, you can. You can transform your IT operating model from that of widget-provider to a true service-oriented business partner. Forrester writes extensively about how to make the IT to BT (business technology) transition. I recently spoke at length with the IT management team at Commonwealth Bank of Australia (CBA) about their multi-year IT transformation to what they call “everything-as-a-service.” I was put in touch with them by one of their primary suppliers, cloud service management and automation vendor ServiceMesh.

We’ll be publishing a complete case study soon, but I wanted to share some of the basics here because they outline a strategy anyone can achieve, regardless of your current level of cloud maturity. The bank started by establishing six core tenets to be enforced across all I&O services moving forward, whether hosted internally or externally. These guiding principles neatly summarize the core value dimensions of cloud computing itself:

Pay as you go. Business customers only pay for products and services actually used, on a metered, charge-back basis, under flexible service agreements, as opposed to fixed-term contracts.

With VMworld in full swing this week and Microsoft’s cloud-centered Windows Server 2012 launching soon after, your options for technology to build and deploy enterprise clouds is about to expand significantly. Meanwhile, Amazon continues to drop prices faster than your local Wal-Mart, introduce new cloud compute and storage services almost monthly, and has already gobbled up a trillion objects in S3. Is it time to start moving your workloads to the cloud?

Forrsights surveys show that companies are indeed moving to the cloud, primarily for speed and lower costs — but are the savings really there? The answer might not be obvious. Are you heavily virtualized already? Have you moved up the virtualization value chain beyond server consolidation to using virtual machines for better disaster recovery, less downtime, automated configuration management, and the like? Do you have a virtual-first policy and actively share resources across business units? If you run a mature virtual environment today, your internal infrastructure costs might already be competitive with the cloud.

What’s better than writing about one hot topic? Well, writing about two hot topics in one blog post — and here you go:

The State Of BI In The Cloud

Over the past few years, BI business intelligence (BI) was the overlooked stepchild of cloud solutions and market adoption. Sure, some BI software-as-a-service (SaaS) vendors have been pretty successful in this space, but it was success in a niche compared with the four main SaaS applications: customer relationship management (CRM), collaboration, human capital management (HCM), and eProcurement. While those four applications each reached cloud adoption of 25% and more in North America and Western Europe, BI was leading the field of second-tier SaaS solutions used by 17% of all companies in our Forrester Software Survey, Q4 2011. Considering that the main challenges of cloud computing are data security and integration efforts (yes, the story of simply swiping your credit card to get a full operational cloud solution in place is a fairy tale), 17% cloud adoption is actually not bad at all; BI is all about data integration, data analysis, and security. With BI there is of course the flexibility to choose which data a company considers to run in a cloud deployment and what data sources to integrate — a choice that is very limited when implementing, e.g., a CRM or eProcurement cloud solution.

“38% of all companies are planning a BI SaaS project before the end of 2013.”

Categories:

In November 2011, Atos and Yonyou (formerly Ufida) announced the creation of a joint venture dubbed Yunano™ aimed at the European SMB market. The two companies are at it again, this time focusing specifically on the Chinese domestic market. I recently met with Herbie Leung, CEO of Atos in Asia Pacific, to discuss the partnership and future market opportunities in China. This new agreement essentially covers three areas of collaboration:

Bringing PLM and MES expertise to Yonyou customers. With more than 1.5 million customers, Yonyou is one of the largest software providers in China with strengths in ERP and CRM solutions. However, the company lacks capabilities in adjacent areas like product lifecycle management (PLM) and manufacturing execution systems (MES). Following the SIS acquisition, Atos has significantly strengthened its capabilities in these domains and will offer them to Yonyou clients.

Helping Yonyou’s customers migrate to private cloud architectures. The lack of private cloud technical skills in China led Yonyou to leverage Atos’s expertise to develop private cloud assessment workshops and ERP migration services targeting the China market. Atos will in turn leverage Canopy, a company it recently created in partnership with EMC and VMware to provide cloud solutions to its clients globally.

Helping Yonyou expand into new markets in Asia. Like many Chinese companies, Yonyou has global aspirations.While theYunano joint venture focuses on bringing Yonyou’s ERP solutions to the mid-market in EMEA, the new partnership will leverage Atos go-to-market capabilities to take the Yonyou solutions to other markets in Asia.

Categories:

Protocol gut check. That's how someone recently described some research I've got under way for a report we're calling the "TechRadar™ for Security Pros: Zero Trust Identity Standards," wherein we'll assess the business value-add of more than a dozen identity-related standards and open protocols. But it's also a great name for an episode of angst that recently hit the IAM blogging world, beginning with Eran Hammer's public declaration that OAuth 2.0 -- for which he served as a spec editor -- is "bad."

As you might imagine, our TechRadar examination will include OAuth; I take a lot of inquiries and briefings in which it figures prominently, and I've been bullish on it for a long time. In this post, I'd like to share some thoughts on this episode with respect to OAuth 2.0's value to security and risk pros. As always, if you have further thoughts, please share them with me in the comments or on Twitter.